CVE-2014-1743

high

Published 2014-05-21 · Modified 2026-05-06

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

7.5

Description

Use-after-free vulnerability in the StyleElement::removedFromDocument function in core/dom/StyleElement.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code that triggers tree mutation.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Application impact

Vendor	Product	Versions
google	chrome	`{"endIncluding":"35.0.1916.113"}`
google	chrome	`35.0.1916.0`
google	chrome	`35.0.1916.1`
google	chrome	`35.0.1916.2`
google	chrome	`35.0.1916.3`
google	chrome	`35.0.1916.4`
google	chrome	`35.0.1916.5`
google	chrome	`35.0.1916.6`
google	chrome	`35.0.1916.7`
google	chrome	`35.0.1916.8`
google	chrome	`35.0.1916.9`
google	chrome	`35.0.1916.10`
google	chrome	`35.0.1916.11`
google	chrome	`35.0.1916.13`
google	chrome	`35.0.1916.14`
google	chrome	`35.0.1916.15`
google	chrome	`35.0.1916.17`
google	chrome	`35.0.1916.18`
google	chrome	`35.0.1916.19`
google	chrome	`35.0.1916.20`
google	chrome	`35.0.1916.21`
google	chrome	`35.0.1916.22`
google	chrome	`35.0.1916.23`
google	chrome	`35.0.1916.27`
google	chrome	`35.0.1916.31`
google	chrome	`35.0.1916.32`
google	chrome	`35.0.1916.33`
google	chrome	`35.0.1916.34`
google	chrome	`35.0.1916.35`
google	chrome	`35.0.1916.36`
google	chrome	`35.0.1916.37`
google	chrome	`35.0.1916.38`
google	chrome	`35.0.1916.39`
google	chrome	`35.0.1916.40`
google	chrome	`35.0.1916.41`
google	chrome	`35.0.1916.42`
google	chrome	`35.0.1916.43`
google	chrome	`35.0.1916.44`
google	chrome	`35.0.1916.45`
google	chrome	`35.0.1916.46`
google	chrome	`35.0.1916.47`
google	chrome	`35.0.1916.48`
google	chrome	`35.0.1916.49`
google	chrome	`35.0.1916.51`
google	chrome	`35.0.1916.52`
google	chrome	`35.0.1916.54`
google	chrome	`35.0.1916.56`
google	chrome	`35.0.1916.57`
google	chrome	`35.0.1916.59`
google	chrome	`35.0.1916.61`
google	chrome	`35.0.1916.68`
google	chrome	`35.0.1916.69`
google	chrome	`35.0.1916.71`
google	chrome	`35.0.1916.72`
google	chrome	`35.0.1916.74`
google	chrome	`35.0.1916.77`
google	chrome	`35.0.1916.80`
google	chrome	`35.0.1916.82`
google	chrome	`35.0.1916.84`
google	chrome	`35.0.1916.85`
google	chrome	`35.0.1916.86`
google	chrome	`35.0.1916.88`
google	chrome	`35.0.1916.90`
google	chrome	`35.0.1916.92`
google	chrome	`35.0.1916.93`
google	chrome	`35.0.1916.95`
google	chrome	`35.0.1916.96`
google	chrome	`35.0.1916.98`
google	chrome	`35.0.1916.99`
google	chrome	`35.0.1916.101`
google	chrome	`35.0.1916.103`
google	chrome	`35.0.1916.104`
google	chrome	`35.0.1916.105`
google	chrome	`35.0.1916.106`
google	chrome	`35.0.1916.107`
google	chrome	`35.0.1916.108`
google	chrome	`35.0.1916.109`
google	chrome	`35.0.1916.110`
google	chrome	`35.0.1916.111`
google	chrome	`35.0.1916.112`

References

CWEs

CWE-399

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.